Understanding DoS and DDoS Attacks
Here’s the rundown on a growing cyberspace menace that represents a threat to online services, websites, and platforms.
What is a denial-of-service (DoS) attack?
Denial-of-service (DoS) happens when you can no longer access digital information or services. With DoS, an attacker can prevent you from accessing websites and online accounts, including your email and bank accounts.
Attackers can deny you access by targeting the following:
- Your network connection; or
- The computers and networks of the websites you are trying to access.
Types of DoS Attacks
In network flooding, attackers “flood” the network with information. Whenever you enter a URL into your web browser, a request is then sent to the computer server of the website that you are trying to access. Servers have limitations. They can only process a certain number of requests at a given time. Attackers can deny access to a website by overloading or flooding the server with requests. It cannot then process your request to view the site. This way, attackers can deny you access to a particular site – thus, the term “denial-of-service” came into being.
Email flooding can happen not just with free email services like Yahoo or Hotmail, but also with the email supplied to you by your employer. Remember that your email account has a specific quota. If you exceed this quota, you can no longer receive legitimate email messages. In email flooding, attackers can deny you access to your email account by flooding it with too many or too large messages. In this type of denial-of-service, attackers consume your email quota, thereby blocking you from receiving genuine messages from legitimate contacts.
What is a distributed denial-of-service (DDoS) attack?
A DDoS attack is similar to DoS. The difference between the two is that in a DDoS, attackers may access your computer to attack another computer. Once attackers take control of your computer, they could send a huge amount of data to a server or to specific email addresses.
It is called “distributed” because the attackers need to use a number of computers, including your own, to initiate an attack.
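The difference between a single-source flood and a distributed one shows up clearly when request counts are examined per source. The following is an added example, not part of the original article: it classifies fixed time windows of request events, and the window length, server capacity, per-source limit and all addresses (RFC 5737 documentation ranges) are constructed assumptions.

```python
from collections import Counter

WINDOW = 10      # seconds per analysis window (assumed value)
CAPACITY = 100   # requests the server can process per window (assumed value)
PER_SOURCE = 20  # requests one ordinary client sends per window (assumed value)

def classify(events, capacity=CAPACITY, per_source=PER_SOURCE):
    """Classify one window of (timestamp, source_ip) request events."""
    counts = Counter(src for _, src in events)
    total = sum(counts.values())
    heavy = sorted(src for src, n in counts.items() if n > per_source)
    if total <= capacity:
        return "normal", heavy
    # Load that would remain if every heavy source were filtered, e.g. by an ACL.
    remaining = total - sum(counts[src] for src in heavy)
    if heavy and remaining <= capacity:
        return "dos", heavy   # a few sources account for the overload
    return "ddos", heavy      # overload is spread across many quiet sources

def scan(events, window=WINDOW, **limits):
    """Split events into fixed windows and classify each one."""
    buckets = {}
    for ts, src in events:
        buckets.setdefault(ts // window, []).append((ts, src))
    return {b * window: classify(evts, **limits) for b, evts in sorted(buckets.items())}

def sample_events():
    """Constructed traffic; every address is from a documentation range."""
    events = []
    # 0-9 s: five ordinary clients, 10 requests each (50 total)
    events += [(i % 10, f"192.0.2.{c}") for c in range(1, 6) for i in range(10)]
    # 10-19 s: the same clients plus one source sending 300 requests
    events += [(10 + i % 10, f"192.0.2.{c}") for c in range(1, 6) for i in range(10)]
    events += [(10 + i % 10, "198.51.100.7") for i in range(300)]
    # 20-29 s: 60 sources sending 5 requests each (300 total, none heavy alone)
    events += [(20 + i, f"203.0.113.{c}") for c in range(1, 61) for i in range(5)]
    return events

if __name__ == "__main__":
    for start, (verdict, heavy) in scan(sample_events()).items():
        print(f"t={start:>2}s  {verdict:<6}  heavy sources: {heavy}")
```

In the third window no single source exceeds the per-source limit, so a filter keyed on individual addresses has nothing to block even though the server is overloaded.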
The hosting company OVH was recently hit by a DDoS attack.
OVH founder and CTO Octave Klaba reported the attack via his Twitter account.
“Last days, we got lot of huge DDoS. Here, the list of “bigger that 100Gbps” only. You can see the simultaneous DDoS are close to 1Tbps!,” Klaba wrote on his Twitter account.
How to prevent DoS/DDoS attacks?
According to the United States Computer Emergency Readiness Team (US-CERT), “Unfortunately, there are no effective ways to prevent being the victim of DoS or DDoS attack….”
The US-CERT, however, gives the following tips to reduce the likelihood of a DoS or DDoS attack:
1. Install and maintain anti-virus software
2. Install a firewall and configure it to limit traffic coming in and out of your computer
3. Follow good security practices for distributing your email address. Using email filters, according to US-CERT, may help you manage unwanted traffic.
What to do during a DoS or DDoS attack?
According to US-CERT, it is difficult to determine the actual source or actual target of a DoS or DDoS attack.
The best solution in case of a DoS or DDoS attack is to seek professional help. Contact your network administrator if you cannot access files or external websites using your computer at work.
In case you cannot access your files or external websites using your personal computer, contact your internet service provider (ISP).
Respondents of the Arbor Networks’ 2015 “Worldwide Infrastructure Security Report” listed the following as their DDoS mitigation techniques:
• Intelligent DDoS mitigation systems (IDMS)
• Access control lists (ACLs)
• Destination-based remote triggered blackhole (D/RTBH)
• Source-based remote triggered blackhole (S/RTBH)
• Managed security service provider
• Content delivery network (CDN)